fre 2010-04-09 klockan 12:12 +0100 skrev Markus Moeller:
> Regarding your second point about workgroups the answer is that Kerberos
> can work too (with popup). But to make it work your DHCP server has to
> privode WINS servers (or it has to be hardcoded on the client). When a
> client gets the Negotiate request the client will try to find out where the
> domain server is for that domain (using the username details e.g. @DOMAIN)
> via Netbios name resolution using the configured WINS servers. Once they
> are determined the client will send AS and TGS requests to the domain server
> and can then authenticate to the proxy.
Are you sure it relies on WINS in this case? DNS SRV records is the
normal mechanism for discovery of KDC servers..
Regards
Henrik
Received on Fri Apr 09 2010 - 18:50:50 MDT
This archive was generated by hypermail 2.2.0 : Sat Apr 10 2010 - 12:00:03 MDT